WordPress 3.7 Automatic Upgrades Proving to Be Reliable

The first WordPress 3.7 Release Candidate was sent out into the wild last Friday. So far it’s been testing very well. The flagship feature of this release is the ability for WordPress to automatically update itself, as highlighted in the customary haiku:

WordPress three seven
A self-updating engine
Lies beneath the hood

Automatic background updates seems like a daunting feature to launch across millions of blogs, but WordPress 3.7 includes code to roll back a failed automatic upgrade. Even so, Nacin tweeted yesterday that after 25,000 updates to RC1, there hasn’t been one single rollback. So far it looks like the automatic background updates for security and minor releases is proving to be remarkably reliable.

Nacin has done everything in his power to determine points of failure within the feature but so far it’s been holding up nicely:

We’ve tried all sorts of things to trip up the updater in WP 3.7, like changing file perms, simulating network issues, having no disk space.

Currently two emails are being sent out when the automatic upgrades are successful: one for debugging and the other standard email that all users of 3.7 will receive. Once 3.7 is officially released you will no longer get the debugging email. However, there is a filter that you can use to keep it turned on if you like.

Jeff recently polled Tavern readers to see how they will be implementing the automatic updates on their sites, as many readers previously had expressed reservations. At this time it seems that only 1 in 4 people polled will be disabling automatic updates completely, while the remaining 75% are open to using them to varying degrees. The results of Nacin’s testing of RC1 should inspire even more confidence. If all goes well, it looks like we should have the official WordPress 3.7 release sometime this week.

Like this:

Related

14 Comments

It’s worth pointing out (and Andrew Nacin will attest) that a huge amount of the work done on shoring up the reliability of auto updates has been done by Dion Hulse (dd32). Big props to all those who’ve been working on this feature!

Sigh… talk about missing the point. The danger with automatic updates isn’t that the update itself will fail. In three years of using WordPress continually, I never had an update fail me.

No, the danger is that a perfectly successful update will break something in the website. A plugin. A theme. Some other customization. And you won’t know until the next morning… or until Monday morning… or until you return from vacation. And by that time you won’t even be able to tell if it was the update that broke things or something else. You’ll lose readers, and possibly buyers, you’ll waste time and energy, and all because a dumb piece of software thought it knew better than a human being.

I’m one of those 25% who will never, ever enable auto-updates in any way, shape or form. Too bad you refuse to understand why.

Miroslav > It shouldn’t affect your theme – unless of course your theme is TwentyTen, TwentyEleven, TwentyTwelve, TwentyThirteen or TwentyFourteen (I just noticed I had all 5 of them in my theme folder). If you’re using a completely different theme other than the WordPress defaults, or you’re using a child theme of the defaults, then you should be fine as far as your modifications go.

Felix > It’s always a concern, yes. However a security fix shouldn’t affect or break a site too much. A major update, maybe. Having said that, these updates aren’t for people who regularly visit, maintain & update their sites. The auto-updater is aimed more towards those who basically ‘set and forget’.

@Felix – This is why this feature is for security and minor releases only. We’re talking a limited number of carefully considered fixes to address security issues or major bugs. We’ve been doing this a long time and have gotten extremely good at avoiding breaking plugins or themes (even the terribad ones).

One can enable background updates for major releases too. It’s no more difficult for us to implement — but, of course, it is more difficult for us to avoid breaking sites. We aren’t missing the point. This is the point right here. We know how dangerous and scary this can be, which is why we’re doing this extremely carefully. We’ve been collecting an absolute ton of stats in 3.7, and we’ve also made updates much more reliable both of which are setting the stage for us to continue to improve the stability of updates. Not just the update process, or the ability to detect actual compatibility issues or failures, but approaching WordPress development in such a way that we can continue to keep plugin conflicts to a minimum.

We also have the ability to roll out an automatic update slowly. Assuming 3.7.1 isn’t a pressing security release, we’ll be able to release it, wait 48 hours, then release it 1% of installs (let’s say), then slowly increase that percentage for a day or two, specifically watching for failures, support requests, and the like.

And yes, updates do fail, even if you’ve never run into one. Even if 99.9% succeed, that’s still tens or hundreds of thousands of sites. Which means we have no choice but to be perfect.

@Felix –
It’s better to wake up on monday morning and find your site broken than you wake up and find your site was hacked because there was a security hole in WP. Automatic update is only for security fix releases. Security fix releases will not break your site.